Subscribe to our Threatpost Today newsletter

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

*

*

I agree to my personal data being stored and used to receive the newsletter

*

I agree to accept information and occasional commercial offers from Threatpost partners

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Secure Critical Infrastructure Top of Mind for U.S.

Attacks targeting critical infrastructure system are ramping up – and defense has become a top priority for the U.S. government.

When it comes to cyber-threats and defense, the U.S. government says that critical infrastructure threats are a growing concern.

Rob Joyce, senior advisor of cybersecurity strategy for the National Security Agency (NSA), said that while attacks targeting the systems that power the manufacturing, power and water plants, the oil and gas industry, and many other sectors have been around for awhile, the trend “is going the wrong way.”

“We have to get critical infrastructure secured, and that goes across multiple sectors, including financial, health and transportation,” he said Tuesday, speaking at the WSJ Cyber Security Forum in NYC. “It’s becoming more and more important to do that right as we enter the era of the internet of things (IoT) and more tech is connected. We see botnets formed up of compromised equipment at scale and turned against targets, which are usually critical infrastructure.”

Attackers have been targeting critical infrastructure for awhile: including the 2016 Ukrainian outage and going all the way back to the 2013 Iranian DDoS attacks and the emergence of sabotage-bent malware like Stuxnet and Shamoon.

But the problem isn’t going away: according to a Kaspersky Lab report earlier this year, a full 41.2 percent of industrial control system (ICS) were attacked by malicious software at least once in the first half of 2018.

The campaign, dubbed Operation Sharpshooter, began Oct. 25 when a splay of malicious documents were sent via Dropbox. The campaign’s implant has since appeared in 87 organizations worldwide, predominantly in the U.S. and in English-speaking companies.

Paul Abbate, associate deputy director of the FBI, urged critical infrastructure companies large and small to reach out if they were victim to any sort of cyberattack.

“Cyber-threats are becoming increasingly more complex and expanding rapidly,” said Abbate. “We’re maturing in our overall strategy across law enforcement and the private sector – we’re seeking to go 100 percent like we do with terrorism.”

Critical infrastructure threats are seemingly only getting worse: Kaspersky Lab researchers who analyzed telemetry information from customers said they saw a consistent rise in the percentage of attacks in critical infrastructure. The year-ago data showed the percentage of ICS computers attacked to be 36.61 percent; that then ticked upward to 37.75 percent in the second half of 2017.

The biggest challenge when it comes to securing critical infrastructure and other potential attack targets is “getting people to do the basics,” said Joyce.

That includes getting boards and CEOs to invest in security and designing products with security at top-of-mind.

“We’ve got a lot of room to improve – and it starts with protecting with good passwords and patching,” he said. “We have to understand that we’ve put a lot of things into tech, and I don’t know if we’ve done all we need to do to protect that tech.”

Authors

Threatpost

InfoSec Insider Post

InfoSec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Post

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.